Total
28988 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1608 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in SalesLogix 6.1 allows remote attackers to execute arbitrary SQL statements via the id parameter in a view operation. | |||||
CVE-1999-0591 | 2024-02-28 | 10.0 HIGH | N/A | ||
An event log in Windows NT has inappropriate access permissions. | |||||
CVE-2000-0398 | 1 Rockliffe | 1 Mailsite | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request. | |||||
CVE-2000-1220 | 2 Redhat, Sgi | 2 Linux, Irix | 2024-02-28 | 10.0 HIGH | N/A |
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file. | |||||
CVE-1999-0497 | 2024-02-28 | N/A | N/A | ||
Anonymous FTP is enabled. | |||||
CVE-2001-1495 | 1 Freshmeat | 2 Network Query Tool, Network Query Tool Phpnuke | 2024-02-28 | 7.5 HIGH | N/A |
network_query.php in Network Query Tool 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the target parameter. | |||||
CVE-2002-2203 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 4.9 MEDIUM | N/A |
Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information. | |||||
CVE-2002-0137 | 1 Andreas Mueller | 1 Cdrdao | 2024-02-28 | 7.2 HIGH | N/A |
CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file. | |||||
CVE-2002-0310 | 1 Netwin | 1 Webnews | 2024-02-28 | 7.5 HIGH | N/A |
Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879. | |||||
CVE-2004-0050 | 1 Verity | 1 Ultraseek | 2024-02-28 | 5.0 MEDIUM | N/A |
Verity Ultraseek before 5.2.2 allows remote attackers to obtain the full pathname of the document root via an MS-DOS device name in the web search option, such as (1) NUL, (2) CON, (3) AUX, (4) COM1, (5) COM2, and others. | |||||
CVE-2001-1051 | 1 Dark Hart Portal | 1 Darkportal-unix | 2024-02-28 | 7.5 HIGH | N/A |
Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
CVE-1999-1394 | 1 Bsd | 1 Bsd | 2024-02-28 | 2.1 LOW | N/A |
BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device. | |||||
CVE-2004-0381 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-02-28 | 2.1 LOW | N/A |
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | |||||
CVE-2001-0605 | 1 Headlight Software | 1 Mygetright | 2024-02-28 | 7.5 HIGH | N/A |
Headlight Software MyGetright prior to 1.0b allows a remote attacker to upload and/or overwrite arbitrary files via a malicious .dld (skins-data) file which contains long strings of random data. | |||||
CVE-2000-0383 | 1 Aol | 1 Instant Messenger | 2024-02-28 | 5.0 MEDIUM | N/A |
The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient. | |||||
CVE-2000-0320 | 2 Qualcomm, Sun | 3 Qpopper, Cobalt Raq 2, Cobalt Raq 3i | 2024-02-28 | 5.0 MEDIUM | N/A |
Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 1023 characters long and ends in \n. | |||||
CVE-2001-0197 | 2 Icecast, Redhat | 2 Icecast, Linux | 2024-02-28 | 10.0 HIGH | N/A |
Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands. | |||||
CVE-2001-1109 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands. | |||||
CVE-2003-0685 | 1 Netris | 1 Netris | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response. | |||||
CVE-2000-0836 | 1 Broadgun Software | 1 Camshot Webcam | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in CamShot WebCam Trial2.6 allows remote attackers to execute arbitrary commands via a long Authorization header. |